FL Studio Netsha virus?

Scythe

New member
Joined
Dec 16, 2020
Posts
1
I ran a typical full Malwarebytes scan and it found that there's a "virus" within the listed .exes. I Googled this issue to see if anyone else had this issue and apparently these logs correlate with someone else who claims they might have a Netsha virus. I ran across these as well as the folder they are under with Kaspersky, Microsoft Defender, and VirusTotal and they all came across clean except for Malwarebytes. I possess the demo version of FL directly downloaded from their website.





OS: Windows 10


Location: C:\Program Files\Imagine-Line\FL Studio 29=0\System\Tools\LilyPond\bin\python.exe
C:\Program Files\Imagine-Line\FL Studio 29=0\System\Tools\LilyPond\bin\guile.exe
C:\Program Files\Imagine-Line\FL Studio 29=0\System\Tools\LilyPond\bin\gspawn-win32-helper.exe

Anti-Virus software: Malwarebytes ver 4.3.0.98


Threat name:
Malware.AI2634601700
Malware.AI3391115749
Malware.AI4019141435
(in order of location details provided)

Here are the logs from Malwarebytes:
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/16/20
Scan Time: 12:14 AM
Log File: f66c14b0-3f65-11eb-81a9-98fa9b43f1cb.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.34399
License: Free

-System Information-
OS: Windows 10 (Build 19041.685)
CPU: x64
File System: NTFS
User: *erased*

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 40
Threats Detected: 3
Threats Quarantined: 3
Time Elapsed: 0 min, 11 sec

-Scan Options-
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
Malware.AI.4019141435, C:\PROGRAM FILES\IMAGE-LINE\FL STUDIO 20\SYSTEM\TOOLS\LILYPOND\BIN\GUILE.EXE, Quarantined, 1000000, 0, 1.0.34399, BC355A0F77CD0F31EF8F3B3B, dds, 01029687, 1680A2ABB258FBF3B97172CF207F413B, 52BFA2BEA34FE6AB9A34076433D3AAB6B8353A84CB29650F5980B5E28BC23C0A
Malware.AI.3391115749, C:\PROGRAM FILES\IMAGE-LINE\FL STUDIO 20\SYSTEM\TOOLS\LILYPOND\BIN\GSPAWN-WIN32-HELPER.EXE, Quarantined, 1000000, 0, 1.0.34399, 049DBC3E4B25E0A1CA2051E5, dds, 01029687, BC137A0466E9E9CAA7C67B40629AE4F0, 1A65BA83A908C053FD5E971BEA33D3FA26DEDC1B6129E3E2D5CB6CBDD982C2FA
Malware.AI.2634601700, C:\PROGRAM FILES\IMAGE-LINE\FL STUDIO 20\SYSTEM\TOOLS\LILYPOND\BIN\PYTHON.EXE, Quarantined, 1000000, 0, 1.0.34399, 441DB63DECC148429D08D4E4, dds, 01029687, 1C36452C2DAD8DA95D460BEE3BEA365E, 9C33F106FC93F3E6523627FEDA2E3250C45D704946DBDF87AD18FB3D815E2992

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 

Posted also on the Malwarebytes forum: "Possibe Neshta virus in FL Studio files?"




Hi!

I installed FL STUDIO 20 (trial).
Scans with ms win defender and SAS free were clean.
Malwarebytes (free, hence without "threat intelligence") finds only this one:
Malware.AI.3391115749
G:\PROGRAM FILES\IMAGE-LINE\FL STUDIO 20\SYSTEM\TOOLS\LILYPOND\BIN\GSPAWN-WIN32-HELPER.EXE,
"No action", 1000000, 0, 1.0.34411, 049DBC3E4B25E0A1CA2051E5, dds, 01030274,
BC137A0466E9E9CAA7C67B40629AE4F0,
1A65BA83A908C053FD5E971BEA33D3FA26DEDC1B6129E3E2D5CB6CBDD982C2FA

Virustotal result for guile.exe
(75 engines, 70 clean, 5 "unable to process")
Size: 15.4 KB (15,792 bytes)

Virustotal result for gspawn-win32-helper.exe
(76 engines, 70 clean, 5 "unable to process", 1 detection: bkav --> W32.AIDetectVM.malware1)
Size: 22.3 KB (22,936 bytes)

Virustotal result for python.exe
(75 engines, 70 clean, 5 "unable to process")
Size: 13.6 KB (13,960 bytes)

Conclusion: false positives.
 
Confirmed as a false positive in the MBAM thread by miekiemoes:

Hi,

This is indeed a false positive by our additional machine learning engine we have implemented.
This will get fixed.

Thanks for reporting!
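
Added example, not part of any post in this thread: when cross-checking a detection against other engines, the second opinion only counts if it was given on the exact binary that was flagged. The sketch below parses the "File:" rows of the Malwarebytes log shown above and compares a file on disk to the logged hash. It assumes the last two columns are MD5 and SHA-256 (inferred from their lengths); the function names are hypothetical.

```python
import hashlib
import re

# The three detection rows from the first post's log, plus surrounding non-detection lines.
SAMPLE_LOG = r"""
File: 3
Malware.AI.4019141435, C:\PROGRAM FILES\IMAGE-LINE\FL STUDIO 20\SYSTEM\TOOLS\LILYPOND\BIN\GUILE.EXE, Quarantined, 1000000, 0, 1.0.34399, BC355A0F77CD0F31EF8F3B3B, dds, 01029687, 1680A2ABB258FBF3B97172CF207F413B, 52BFA2BEA34FE6AB9A34076433D3AAB6B8353A84CB29650F5980B5E28BC23C0A
Malware.AI.3391115749, C:\PROGRAM FILES\IMAGE-LINE\FL STUDIO 20\SYSTEM\TOOLS\LILYPOND\BIN\GSPAWN-WIN32-HELPER.EXE, Quarantined, 1000000, 0, 1.0.34399, 049DBC3E4B25E0A1CA2051E5, dds, 01029687, BC137A0466E9E9CAA7C67B40629AE4F0, 1A65BA83A908C053FD5E971BEA33D3FA26DEDC1B6129E3E2D5CB6CBDD982C2FA
Malware.AI.2634601700, C:\PROGRAM FILES\IMAGE-LINE\FL STUDIO 20\SYSTEM\TOOLS\LILYPOND\BIN\PYTHON.EXE, Quarantined, 1000000, 0, 1.0.34399, 441DB63DECC148429D08D4E4, dds, 01029687, 1C36452C2DAD8DA95D460BEE3BEA365E, 9C33F106FC93F3E6523627FEDA2E3250C45D704946DBDF87AD18FB3D815E2992
Physical Sector: 0
(No malicious items detected)
"""

MD5_RE = re.compile(r"[0-9A-Fa-f]{32}")
SHA256_RE = re.compile(r"[0-9A-Fa-f]{64}")

def parse_detections(log_text):
    """Return one dict per detection row; every other log line is skipped."""
    rows = []
    for line in log_text.splitlines():
        # Split from the right so a comma inside the file path cannot shift columns.
        parts = line.strip().rsplit(", ", 9)
        if len(parts) != 10 or ", " not in parts[0]:
            continue
        name, path = parts[0].split(", ", 1)
        md5, sha256 = parts[8], parts[9]  # assumption: MD5 and SHA-256 columns
        if not (MD5_RE.fullmatch(md5) and SHA256_RE.fullmatch(sha256)):
            continue
        rows.append({"name": name, "path": path, "action": parts[1].strip('"'),
                     "md5": md5.lower(), "sha256": sha256.lower()})
    return rows

def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def matches_detection(path, detection):
    """True only if the file on disk is byte-identical to the one the scanner flagged."""
    return sha256_of(path) == detection["sha256"]

if __name__ == "__main__":
    for det in parse_detections(SAMPLE_LOG):
        print(det["name"], det["action"], det["sha256"], det["path"], sep="\n  ")
```

Looking up the printed SHA-256 instead of re-uploading a file also covers the case where the flagged copy is already in quarantine and a reinstalled copy might differ.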
 
